From 08f0670aca9ac9f9b05c2be7c30912ef1bd0edfd Mon Sep 17 00:00:00 2001
From: stamparm <miroslav.stampar@gmail.com>
Date: Thu, 21 Feb 2013 14:39:22 +0100
Subject: [PATCH] Minor refactoring for an Issue #290

---
 lib/controller/checks.py | 20 +++++++++++---------
 lib/core/option.py       |  2 +-
 waf/modsecurity.py       |  5 +----
 waf/proventia.py         |  6 ------
 waf/webappsecure.py      |  6 ------
 5 files changed, 13 insertions(+), 26 deletions(-)

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 2c38ece1b..520c926a8 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1059,22 +1059,24 @@ def identifyWaf():
 
     retVal = False
 
-    for function, product, request in kb.wafFunctions:
-        found = False
-
-        if not request:
+    for function, product in kb.wafFunctions:
+        try:
             found = function(_)
-        else:
-            pass
+        except Exception, ex:
+            errMsg = "exception occured while running "
+            errMsg += "WAF script for '%s' ('%s')" % (product, ex)
+            logger.critical(errMsg)
+
+            found = False
 
         if found:
             retVal = product
             break
 
     if retVal:
-        warnMsg = "WAF/IDS/IPS identified ('%s'). Please " % retVal
-        warnMsg += "consider usage of tamper scripts (option '--tamper')"
-        logger.critical(warnMsg)
+        errMsg = "WAF/IDS/IPS identified ('%s'). Please " % retVal
+        errMsg += "consider usage of tamper scripts (option '--tamper')"
+        logger.critical(errMsg)
     else:
         warnMsg = "WAF/IDS/IPS product not identified"
         logger.warn(warnMsg)
diff --git a/lib/core/option.py b/lib/core/option.py
index 4cd87bf3b..8244f2fc9 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -925,7 +925,7 @@ def _setWafFunctions():
                 errMsg += "in WAF script '%s'" % found
                 raise SqlmapGenericException(errMsg)
             else:
-                kb.wafFunctions.append((_["detect"], _.get("__product__", filename[:-3]), _.get("__request__")))
+                kb.wafFunctions.append((_["detect"], _.get("__product__", filename[:-3])))
 
 def _setThreads():
     if not isinstance(conf.threads, int) or conf.threads <= 0:
diff --git a/waf/modsecurity.py b/waf/modsecurity.py
index 5fcf3cec4..ac8b4ebb9 100644
--- a/waf/modsecurity.py
+++ b/waf/modsecurity.py
@@ -5,9 +5,6 @@ Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """
 
-import re
-
-from lib.core.enums import HTTPHEADER
 from lib.core.settings import WAF_ATTACK_VECTORS
 
 __product__ = "ModSecurity: Open Source Web Application Firewall (Trustwave)"
@@ -18,7 +15,7 @@ def detect(get_page):
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
         if code == 501:
-            retVal = True
+            retval = True
             break
 
     return retval
diff --git a/waf/proventia.py b/waf/proventia.py
index 615c96a7b..3083428a4 100644
--- a/waf/proventia.py
+++ b/waf/proventia.py
@@ -5,12 +5,6 @@ Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """
 
-import re
-
-from lib.core.data import kb
-from lib.core.enums import HTTPHEADER
-from lib.core.settings import WAF_ATTACK_VECTORS
-
 __product__ = "Proventia Web Application Security (IBM)"
 
 def detect(get_page):
diff --git a/waf/webappsecure.py b/waf/webappsecure.py
index f51443808..7bd417473 100644
--- a/waf/webappsecure.py
+++ b/waf/webappsecure.py
@@ -5,12 +5,6 @@ Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """
 
-import re
-
-from lib.core.data import kb
-from lib.core.enums import HTTPHEADER
-from lib.core.settings import WAF_ATTACK_VECTORS
-
 __product__ = "webApp.secure (webScurity)"
 
 def detect(get_page):